Sysdig Cloud Connector leverages Cloud Audit log like AWS CloudTrail, or GCP Audit log as the source of truth for operational audit, enabling governance, compliance, operational auditing, and risk auditing for your cloud accounts.

By leveraging AWS CloudTrail and the Falco language you will be able to detect any unexpected or unwanted behaviour in your AWS accounts.

Cloud Connector Overview


Sysdig Cloud Connector is part of Sysdig Cloud Security platform. Please check Sysdig Cloud Security site for installation guides on the different cloud providers.


All the components can be controlled using a simple YAML configuration, you can configure the sources of information, where the rules are loaded from and the notifiers to send alerts.

Rules bundled

Following the batteries included philosophy, the Cloud Connector ships a set of rules out of the box.

You can find a listing of rules: